The FBI has sabotaged a suite of malware used by elite Russian spies, US authorities said Tuesday, giving a glimpse of the digital tug-of-war between two cyber superpowers.
Senior law enforcement officials said FBI technical experts had identified and disabled malware used by the Russian security service FSB against an undisclosed number of American computers, a move they hoped would deal a fatal blow to one of the main Russian cyber spy programs.
“We are evaluating this as their main spy tool,” one of the US officials told reporters before the launch. He said Washington hoped the operation “would eradicate it from the virtual battlefield.”
The official said the FSB spies behind the malware, known as Snake, are part of a notorious hacking group tracked by the private sector and known as “Turla.”
The group has been active for two decades against a variety of targets aligned with NATO, US government agencies and technology companies, a senior FBI official said.
Russian diplomats did not immediately return a message seeking comment. Moscow routinely denies conducting cyber espionage operations.
US officials spoke to reporters Tuesday ahead of the news release on condition of anonymity. Security agencies in the UK, Canada, Australia and New Zealand made similar announcements revealing the cyber disruption effort against the FSB.
Turla is widely considered to be one of the most sophisticated hacking teams studied by the security research community.
“They have persisted in the shadows with a focus on stealth and operational security,” said John Hultquist, vice president of threat analysis at US cybersecurity firm Mandiant. “They are one of the toughest targets we have.”